//package com.xt.mes.config.security;
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
//import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.web.AuthenticationEntryPoint;
//import org.springframework.security.web.SecurityFilterChain;
//import org.springframework.security.web.access.AccessDeniedHandler;
//import org.springframework.web.cors.CorsConfiguration;
//import org.springframework.web.cors.CorsConfigurationSource;
//import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
//
//import java.util.Collections;
//
///**
// * @program: demo
// * @Description 配置
// * @Date 2023/3/8
// */
//@Configuration
//@EnableWebSecurity
//@EnableMethodSecurity//开启注解权限配置
//public class SecurityConfig2 {
//
//    /**
//     * 认证失败
//     */
//    @Autowired
//    private AuthenticationEntryPoint myAuthenticationEntryPoint;
//    /**
//     * 授权失败
//     */
//    @Autowired
//    private AccessDeniedHandler myAccessDeniedHandler;
//
//
//    /**
//     * 强散列哈希加密实现 没有这个会报错 There is no PasswordEncoder mapped for the id “null“
//     */
//    @Bean
//    public BCryptPasswordEncoder newBCryptPasswordEncoder() {
//        return new BCryptPasswordEncoder();
//    }
//
//    //暴露出来 解决无法直接注入 AuthenticationManager
//    @Bean
//    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
//        return authenticationConfiguration.getAuthenticationManager();
//    }
//
//    @Bean
//    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//        return http.authorizeHttpRequests(authorize-> {
//                    try {
//                        authorize
//                                // 放行登录接口
//                                .requestMatchers("/login").permitAll()
//                                // 放行资源目录
//                                .requestMatchers("/static/**", "/resources/**").permitAll()
//                                // 其余的都需要权限校验
//                                .anyRequest().authenticated();
////                                .csrf(csrf -> csrf.disable()); // 防跨站请求伪造
//                    } catch (Exception e) {
//                        throw new RuntimeException(e);
//                    }
//                }
//        ).build();
//    }
//
//
//    /**
//     * 跨域解决方案
//     *
//     * @return CorsConfigurationSource
//     */
//    CorsConfigurationSource configurationSource() {
//        CorsConfiguration corsConfiguration = new CorsConfiguration();
//        corsConfiguration.setAllowedHeaders(Collections.singletonList("*"));
//        corsConfiguration.setAllowedMethods(Collections.singletonList("*"));
//        corsConfiguration.setAllowedOrigins(Collections.singletonList("*"));
//        corsConfiguration.setMaxAge(3600L);
//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
//        source.registerCorsConfiguration("/**", corsConfiguration);
//        return source;
//    }
//
//}